Help
FortiSIEM Discussions
AlexPien
New Contributor II

Created on ‎09-12-2025 04:58 AM

Best Practise to add PostGreSQL to FortiSIEM

 

Hello everyone,

Has anyone already integrated PostgreSQL with FortiSIEM?

I couldn’t find any reference in the External System Configuration Guide, and I also haven’t come across any parser or predefined event types for PostgreSQL.

From my point of view, the integration should be possible via JDBC, similar to Oracle or other databases. However, I don’t have any hands-on experience with PostgreSQL audit logging or integration, and neither do my customers.

Does anyone have an idea or experience to share? Otherwise, I guess it will be a matter of trial and error. :)

Best regards,
Alex

152
0 Kudos
5 REPLIES 5
Secusaurus
Contributor III

Created on ‎09-12-2025 05:54 AM

Hi @AlexPien,

 

I would just let postresql write to syslog and arrange the machine to send syslog to your collector.

 

Best,

Christian

FCX #003451 | Fortinet Advanced Partner
FCX #003451 | Fortinet Advanced Partner
144
0 Kudos
AlexPien
New Contributor II
In response to Secusaurus

Created on ‎09-12-2025 09:04 AM

Thanks for the link and the idea. This would be more easy! I will try it

138
0 Kudos
jeffery634
New Contributor

Created on ‎09-21-2025 05:56 AM Edited on ‎09-21-2025 05:56 AM

Hey Alex, I actually went through this a while back and can confirm there isn’t a built-in parser for PostgreSQL in FortiSIEM. I ended up connecting via JDBC App, which worked fine, but the main challenge was handling the audit logs since they needed some customization to parse correctly. I had to create a custom parser to map the events in a useful way, but once that was done the integration worked as expected. It definitely took some trial and error, but it’s doable.

89
0 Kudos
loferialopez5
New Contributor

Created on ‎09-21-2025 01:58 PM

You’re right, JDBC should work well for this. I’d suggest enabling detailed audit logging first so FortiSIEM can parse events properly and if you want extra tips, you can Visit 3 patti boss for some solid integration discussions.

76
0 Kudos
jacksonms03
New Contributor

Created on ‎09-29-2025 03:42 PM

Good point JDBC should work fine if you map the audit logs properly. I tried a similar setup once and Spribewin helped me figure out parsing rules, so it might save you some trial-and-error here.

37
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.